PT-2016-3191 · Zlib+9 · Zlib+9
Published
2016-09-22
·
Updated
2025-12-03
·
CVE-2016-9840
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
zlib version 1.2.8
Description
The issue is caused by improper pointer arithmetic in the inftrees.c component of the zlib library. This could allow a remote attacker to exploit the vulnerability, potentially leading to unspecified impact, including disruption of confidentiality, integrity, and availability of protected information. The vulnerability may be exploited by persuading a victim to open a specially crafted document, resulting in a denial of service.
Recommendations
For zlib version 1.2.8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Almalinux
Centos
Ibm Aix
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu
Zlib